nanog mailing list archives
Re: Martian list of IP's to block???
From: rfuller () 3x com
Date: Fri, 1 Oct 1999 08:02:23 -0400
I used the ones Cisco outlined in their document IOS Essentials every ISP Should Know. Here is a copy of the list I use for out clients: deny ip host 0.0.0.0 any log deny ip 127.0.0.0 0.255.255.255 any log deny ip 10.0.0.0 0.255.255.255 any log deny ip 172.16.0.0 0.15.255.255 any log deny ip 192.168.0.0 0.0.255.255 any log deny ip xxx.xxx.xxx.0 0.0.0.255 any log deny ip 224.0.0.0 31.255.255.255 any log We are denyingy anyone that claims that their IP address is 0.0.0.0, Loopback addresses, all of the RFC 1918 addresses, address coming into us claiming they belong to our subnet, and multicast addresses. It seems to work for us. I also turn of ip directed broadcasts to minimize smurf/DoS attacks. If you would like a copy of the document I used, let me know and I'll e-mail a copy to you. Ron Fuller, CCDP, CCNP-ATM, CCNP-Security, MCNE, MCP 3X Corporation rfuller () 3x com "John M. Brown" <jmbrown () ihighway net>@merit.edu on 10/01/99 04:18:29 AM Sent by: owner-nanog () merit edu To: nanog () merit edu cc: Subject: Martian list of IP's to block??? working on a document and was wondering if people could provide the various versions of the Martian list that is used... thanks
Current thread:
- Martian list of IP's to block??? John M. Brown (Oct 01)
- <Possible follow-ups>
- Re: Martian list of IP's to block??? rfuller (Oct 01)
- Re: Martian list of IP's to block??? bmanning (Oct 01)
- Re: Martian list of IP's to block??? Jared Mauch (Oct 01)
- Re: Martian list of IP's to block??? Andy McConnell (Oct 01)
- RE: Martian list of IP's to block??? Rubens Kuhl Jr. (Oct 01)
- Re: Martian list of IP's to block??? Jared Mauch (Oct 01)
- RE: Martian list of IP's to block??? Rubens Kuhl Jr. (Oct 01)
- Re: Martian list of IP's to block??? bmanning (Oct 01)
- Re: Martian list of IP's to block??? Joe Abley (Oct 02)
- Re: Martian list of IP's to block??? sthaug (Oct 02)
- Re: Martian list of IP's to block??? Frank Hellemink (Oct 02)